RSA Hack and lessons learned

Jul. 15th, 2021 08:27 am
[personal profile] ionelv

In May, Wired published a story about the RSA hack. Reddit covered it. One part stood out for me: how the supposedly air-gapped seed server was not only not air-gapped at all, but it was set up incorrectly allowing incoming connections (instead of much more secure outgoing connections only):


[O]ne server on RSA’s internet-connected network was linked, through a firewall that allowed no other connections, to the seed warehouse on the manufacturing side. Every 15 minutes, that server would pull off a certain number of seeds so that they could be encrypted, written to a CD, and given to SecurID customers.

It baffles me, that RSA thought that was good network security back then, or that they were watching the hacking in real time, instead of shutting the whole thing down right away.

  • Add Memory
  • Share This Entry
This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

Profile

JMA-PSOS

December 2025

S M T W T F S
 1 234 56
78 9 1011 12 13
14 151617 181920
21 222324 2526 27
28 293031   

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Dec. 29th, 2025 11:22 pm
Powered by Dreamwidth Studios